Add rabbitmq ingress gateway def
This commit is contained in:
parent
9359ee62c0
commit
8880b983ac
@ -2,7 +2,7 @@ apiVersion: v2
|
||||
name: kubezero-istio
|
||||
description: KubeZero Umbrella Chart for Istio
|
||||
type: application
|
||||
version: 0.2.2
|
||||
version: 0.2.3
|
||||
appVersion: 1.6.7
|
||||
home: https://kubezero.com
|
||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||
|
@ -60,6 +60,18 @@ spec:
|
||||
privateKey: /etc/istio/ingressgateway-certs/tls.key
|
||||
serverCertificate: /etc/istio/ingressgateway-certs/tls.crt
|
||||
credentialName: public-ingress-cert
|
||||
- port:
|
||||
number: 5672
|
||||
name: amqp
|
||||
protocol: TCP
|
||||
hosts:
|
||||
- "*"
|
||||
- port:
|
||||
number: 5671
|
||||
name: amqps
|
||||
protocol: TCP
|
||||
hosts:
|
||||
- "*"
|
||||
- port:
|
||||
number: 24224
|
||||
name: fluentd-forward
|
||||
|
23
charts/kubezero-logging/.helmignore
Normal file
23
charts/kubezero-logging/.helmignore
Normal file
@ -0,0 +1,23 @@
|
||||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*.orig
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
21
charts/kubezero-logging/Chart.yaml
Normal file
21
charts/kubezero-logging/Chart.yaml
Normal file
@ -0,0 +1,21 @@
|
||||
apiVersion: v2
|
||||
name: kubezero-logging
|
||||
description: KubeZero Umbrella Chart for complete EFK stack
|
||||
type: application
|
||||
version: 0.0.1
|
||||
appVersion: 1.2.0
|
||||
home: https://kubezero.com
|
||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||
keywords:
|
||||
- kubezero
|
||||
- elasticsearch
|
||||
- kibana
|
||||
- fluentd
|
||||
- fluent-bit
|
||||
maintainers:
|
||||
- name: Quarky9
|
||||
dependencies:
|
||||
- name: kubezero-lib
|
||||
version: ">= 0.1.3"
|
||||
repository: https://zero-down-time.github.io/kubezero/
|
||||
kubeVersion: ">= 1.16.0"
|
47
charts/kubezero-logging/README.md
Normal file
47
charts/kubezero-logging/README.md
Normal file
@ -0,0 +1,47 @@
|
||||
kubezero-logging
|
||||
================
|
||||
KubeZero Umbrella Chart for complete EFK stack
|
||||
|
||||
Current chart version is `0.0.1`
|
||||
|
||||
Source code can be found [here](https://kubezero.com)
|
||||
|
||||
## Chart Requirements
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.3 |
|
||||
|
||||
## Changes from upstream
|
||||
### ECK
|
||||
- Operator mapped to controller nodes
|
||||
|
||||
### ElasticSearch
|
||||
|
||||
- Installed Plugins:
|
||||
- repository-s3
|
||||
- elasticsearch-prometheus-exporter
|
||||
|
||||
- [Cross AZ Zone awareness](https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-advanced-node-scheduling.html#k8s-availability-zone-awareness) is implemented via nodeSets
|
||||
|
||||
## Manual tasks ATM
|
||||
|
||||
- Install index template
|
||||
- setup Kibana
|
||||
- create `logstash-*` Index Pattern
|
||||
|
||||
## Chart Values
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| es.replicas | int | `2` | |
|
||||
| es.storage.class | string | `"local-sc-xfs"` | |
|
||||
| es.storage.size | string | `"16Gi"` | |
|
||||
| fullnameOverride | string | `"logging"` | |
|
||||
| kibana.replicas | int | `1` | |
|
||||
| version | string | `"7.6.0"` | |
|
||||
|
||||
## Resources:
|
||||
|
||||
- https://www.elastic.co/downloads/elastic-cloud-kubernetes
|
||||
- https://github.com/elastic/cloud-on-k8s
|
41
charts/kubezero-logging/README.md.gotmpl
Normal file
41
charts/kubezero-logging/README.md.gotmpl
Normal file
@ -0,0 +1,41 @@
|
||||
{{ template "chart.header" . }}
|
||||
{{ template "chart.description" . }}
|
||||
|
||||
{{ template "chart.versionLine" . }}
|
||||
|
||||
{{ template "chart.sourceLinkLine" . }}
|
||||
|
||||
{{ template "chart.requirementsSection" . }}
|
||||
|
||||
## Changes from upstream
|
||||
### ECK
|
||||
- Operator mapped to controller nodes
|
||||
|
||||
### ES
|
||||
|
||||
- SSL disabled ( Todo: provide cluster certs and setup Kibana/Fluentd to use https incl. client certs )
|
||||
|
||||
- Installed Plugins:
|
||||
- repository-s3
|
||||
- elasticsearch-prometheus-exporter
|
||||
|
||||
- [Cross AZ Zone awareness](https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-advanced-node-scheduling.html#k8s-availability-zone-awareness) is implemented via nodeSets
|
||||
|
||||
### Kibana
|
||||
|
||||
- increased timeout to ES to 3 minutes
|
||||
|
||||
|
||||
## Manual tasks ATM
|
||||
|
||||
- Install index template
|
||||
- setup Kibana
|
||||
- create `logstash-*` Index Pattern
|
||||
|
||||
|
||||
{{ template "chart.valuesSection" . }}
|
||||
|
||||
## Resources:
|
||||
|
||||
- https://www.elastic.co/downloads/elastic-cloud-kubernetes
|
||||
- https://github.com/elastic/cloud-on-k8s
|
3008
charts/kubezero-logging/eck/all-in-one.yaml
Normal file
3008
charts/kubezero-logging/eck/all-in-one.yaml
Normal file
File diff suppressed because it is too large
Load Diff
6
charts/kubezero-logging/eck/kustomization.yaml
Normal file
6
charts/kubezero-logging/eck/kustomization.yaml
Normal file
@ -0,0 +1,6 @@
|
||||
resources:
|
||||
- all-in-one.yaml
|
||||
|
||||
# map operator to controller nodes
|
||||
patchesStrategicMerge:
|
||||
- map-operator.yaml
|
14
charts/kubezero-logging/eck/map-operator.yaml
Normal file
14
charts/kubezero-logging/eck/map-operator.yaml
Normal file
@ -0,0 +1,14 @@
|
||||
apiVersion: apps/v1
|
||||
kind: StatefulSet
|
||||
metadata:
|
||||
name: elastic-operator
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
nodeSelector:
|
||||
node-role.kubernetes.io/master: ""
|
||||
tolerations:
|
||||
- key: CriticalAddonsOnly
|
||||
operator: Exists
|
||||
- key: node-role.kubernetes.io/master
|
||||
effect: NoSchedule
|
7
charts/kubezero-logging/eck/update.sh
Executable file
7
charts/kubezero-logging/eck/update.sh
Executable file
@ -0,0 +1,7 @@
|
||||
#!/bin/bash
|
||||
|
||||
ECK_VERSION=1.2.0
|
||||
|
||||
curl -o all-in-one.yaml https://download.elastic.co/downloads/eck/${ECK_VERSION}/all-in-one.yaml
|
||||
|
||||
kubectl kustomize . > ../templates/eck-operator.yaml
|
3058
charts/kubezero-logging/templates/eck-operator.yaml
Normal file
3058
charts/kubezero-logging/templates/eck-operator.yaml
Normal file
File diff suppressed because it is too large
Load Diff
83
charts/kubezero-logging/templates/elasticsearch.yaml
Normal file
83
charts/kubezero-logging/templates/elasticsearch.yaml
Normal file
@ -0,0 +1,83 @@
|
||||
{{- if .Values.es.nodeSets }}
|
||||
apiVersion: elasticsearch.k8s.elastic.co/v1
|
||||
kind: Elasticsearch
|
||||
metadata:
|
||||
name: {{ template "kubezero-lib.fullname" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
{{ include "kubezero-lib.labels" . | indent 4 }}
|
||||
spec:
|
||||
version: {{ .Values.version }}
|
||||
nodeSets:
|
||||
{{- range .Values.es.nodeSets }}
|
||||
- name: {{ .name }}
|
||||
config:
|
||||
node.master: true
|
||||
node.data: true
|
||||
node.ingest: true
|
||||
node.ml: false
|
||||
prometheus.indices: false
|
||||
{{- if .zone }}
|
||||
node.attr.zone: {{ .zone }}
|
||||
cluster.routing.allocation.awareness.attributes: zone
|
||||
{{- end }}
|
||||
podTemplate:
|
||||
{{- if $.Values.es.s3_snapshot_iamrole }}
|
||||
metadata:
|
||||
annotations:
|
||||
iam.amazonaws.com/role: {{ $.Values.es.s3_snapshot_iamrole }}
|
||||
{{- end }}
|
||||
spec:
|
||||
initContainers:
|
||||
- name: install-plugins
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- |
|
||||
bin/elasticsearch-plugin install --batch repository-s3 && bin/elasticsearch-plugin install --batch https://github.com/vvanholl/elasticsearch-prometheus-exporter/releases/download/{{ $.Values.version }}.0/prometheus-exporter-{{ $.Values.version }}.0.zip
|
||||
containers:
|
||||
- name: elasticsearch
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 2500Mi
|
||||
limits:
|
||||
memory: 4Gi
|
||||
env:
|
||||
- name: ES_JAVA_OPTS
|
||||
value: "-Xms2g -Xmx2g"
|
||||
affinity:
|
||||
podAntiAffinity:
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
- podAffinityTerm:
|
||||
labelSelector:
|
||||
matchLabels:
|
||||
elasticsearch.k8s.elastic.co/cluster-name: {{ $.Values.name }}
|
||||
topologyKey: kubernetes.io/hostname
|
||||
{{- if .zone }}
|
||||
nodeAffinity:
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
nodeSelectorTerms:
|
||||
- matchExpressions:
|
||||
- key: failure-domain.beta.kubernetes.io/zone
|
||||
operator: In
|
||||
values:
|
||||
- {{ .zone }}
|
||||
{{- end }}
|
||||
count: {{ .count }}
|
||||
volumeClaimTemplates:
|
||||
- metadata:
|
||||
name: elasticsearch-data
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .storage.size }}
|
||||
storageClassName: {{ .storage.class }}
|
||||
{{- end }}
|
||||
http:
|
||||
tls:
|
||||
selfSignedCertificate:
|
||||
disabled: true
|
||||
{{- end }}
|
20
charts/kubezero-logging/templates/es-servicemonitor.yaml
Normal file
20
charts/kubezero-logging/templates/es-servicemonitor.yaml
Normal file
@ -0,0 +1,20 @@
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: es-{{ .Values.name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
spec:
|
||||
endpoints:
|
||||
- basicAuth:
|
||||
username:
|
||||
name: {{ .Values.name }}-es-elastic-user
|
||||
key: username
|
||||
password:
|
||||
name: {{ .Values.name }}-es-elastic-user
|
||||
key: elastic
|
||||
port: http
|
||||
path: /_prometheus/metrics
|
||||
selector:
|
||||
matchLabels:
|
||||
common.k8s.elastic.co/type: elasticsearch
|
||||
elasticsearch.k8s.elastic.co/cluster-name: {{ .Values.name }}
|
12
charts/kubezero-logging/templates/es-users.yaml
Normal file
12
charts/kubezero-logging/templates/es-users.yaml
Normal file
@ -0,0 +1,12 @@
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
type: Opaque
|
||||
metadata:
|
||||
labels:
|
||||
common.k8s.elastic.co/type: elasticsearch
|
||||
elasticsearch.k8s.elastic.co/cluster-name: {{ .Values.name }}
|
||||
name: {{ .Values.name }}-es-elastic-user
|
||||
namespace: {{ .Release.Namespace }}
|
||||
data:
|
||||
username: {{ "elastic" | b64enc | quote }}
|
||||
elastic: {{ .Values.es.elastic_password | b64enc | quote }}
|
18
charts/kubezero-logging/templates/istio-virtualservice.yaml
Normal file
18
charts/kubezero-logging/templates/istio-virtualservice.yaml
Normal file
@ -0,0 +1,18 @@
|
||||
{{- if .Values.kibana.istio.enabled }}
|
||||
apiVersion: networking.istio.io/v1alpha3
|
||||
kind: VirtualService
|
||||
metadata:
|
||||
name: {{ template "kubezero-lib.fullname" . }}-kibana
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
{{ include "kubezero-lib.labels" . | indent 4 }}
|
||||
spec:
|
||||
hosts:
|
||||
- {{ .Values.kibana.istio.url }}
|
||||
gateways:
|
||||
- {{ default "istio-system/ingressgateway" .Values.kibana.istio.gateway }}
|
||||
http:
|
||||
- route:
|
||||
- destination:
|
||||
host: {{ template "kubezero-lib.fullname" . }}-kb-http
|
||||
{{- end }}
|
35
charts/kubezero-logging/templates/kibana.yaml
Normal file
35
charts/kubezero-logging/templates/kibana.yaml
Normal file
@ -0,0 +1,35 @@
|
||||
{{- if .Values.kibana }}
|
||||
apiVersion: kibana.k8s.elastic.co/v1
|
||||
kind: Kibana
|
||||
metadata:
|
||||
name: {{ template "kubezero-lib.fullname" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
{{ include "kubezero-lib.labels" . | indent 4 }}
|
||||
spec:
|
||||
version: {{ .Values.version }}
|
||||
count: {{ .Values.kibana.count }}
|
||||
elasticsearchRef:
|
||||
name: {{ template "kubezero-lib.fullname" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
config:
|
||||
elasticsearch.requestTimeout: 180000
|
||||
elasticsearch.shardTimeout: 180000
|
||||
#xpack.monitoring.enabled: false
|
||||
#xpack.monitoring.ui.enabled: false
|
||||
#xpack.ml.enabled: false
|
||||
podTemplate:
|
||||
spec:
|
||||
containers:
|
||||
- name: kibana
|
||||
resources:
|
||||
requests:
|
||||
memory: 1Gi
|
||||
cpu: 100m
|
||||
limits:
|
||||
memory: 2Gi
|
||||
http:
|
||||
tls:
|
||||
selfSignedCertificate:
|
||||
disabled: true
|
||||
{{- end }}
|
26
charts/kubezero-logging/values-test.yaml
Normal file
26
charts/kubezero-logging/values-test.yaml
Normal file
@ -0,0 +1,26 @@
|
||||
# Default values for zdt-logging.
|
||||
# This is a YAML-formatted file.
|
||||
# Declare variables to be passed into your templates.
|
||||
|
||||
# This is for backwards compatibility with older zdt-logging setup
|
||||
fullnameOverride: logging
|
||||
|
||||
# Version for ElasticSearch and Kibana have to match so we define it at top-level
|
||||
version: 7.6.0
|
||||
|
||||
es:
|
||||
nodeSets:
|
||||
- count: 2
|
||||
storage:
|
||||
size: 16Gi
|
||||
class: local-sc-xfs
|
||||
zone: us-west-2a
|
||||
s3_snapshot_iamrole: "" # INSERT_CLOUDFORMATION_OUTPUT_ElasticSearchSnapshots
|
||||
elastic_password: "" # super_secret_elastic_password
|
||||
|
||||
kibana:
|
||||
replicas: 1
|
||||
istio:
|
||||
enabled: true
|
||||
url: kibana.example.com
|
||||
gateway: istio-system/private-ingressgateway
|
27
charts/kubezero-logging/values.yaml
Normal file
27
charts/kubezero-logging/values.yaml
Normal file
@ -0,0 +1,27 @@
|
||||
# Default values for zdt-logging.
|
||||
# This is a YAML-formatted file.
|
||||
# Declare variables to be passed into your templates.
|
||||
|
||||
# This is for backwards compatibility with older zdt-logging setup
|
||||
# fullnameOverride: logging
|
||||
|
||||
# Version for ElasticSearch and Kibana have to match so we define it at top-level
|
||||
version: 7.8.1
|
||||
|
||||
es:
|
||||
nodeSets: []
|
||||
#- count: 2
|
||||
# storage:
|
||||
# size: 16Gi
|
||||
# class: local-sc-xfs
|
||||
# zone: us-west-2a
|
||||
s3_snapshot_iamrole: "" # INSERT_CLOUDFORMATION_OUTPUT_ElasticSearchSnapshots
|
||||
elastic_password: "" # super_secret_elastic_password
|
||||
|
||||
kibana:
|
||||
#replicas: 1
|
||||
#servicename: kibana.example.com
|
||||
istio:
|
||||
enabled: false
|
||||
gateway: "istio-system/ingressgateway"
|
||||
url: "" # kibana.example.com
|
Loading…
Reference in New Issue
Block a user